Amendments to the Claims 

1 Claim 1 (currently amended): A computer-implemented method of providing cross-domain 

2 authentication in a computing environment, comprising steps of: 

3 providing security credentials of an entity to an initial point of contact that provides 

4 content aggregation in the computing environment; 

5 passing the provided credentials from the initial point of contact to a trust proxy; 

6 authenticating the passed credentials with an authentication service in a local security 

7 domain of the trust proxy to authenticate the entity for accessing content from at least one local 

8 content service, each of the at least one local content services operable to provide its content from 

9 the local security domain for aggregation, by the initial point of contact, in an aggregated view ; 

10 and 

1 1 using the authentication performed by the local authentication service to seamlessly 

1 2 authenticate the entity for accessing other content from at least one remote content service in each 

13 of [[to]] at least one or more selected remote security domains, each of the at least one remote 

14 content services operable to provide its content from its remote security domain for aggregation, 

15 by the initial point of contact, in the aggregated view, domains. 

1 Claim 2 (currently amended): The method according to Claim 1 , [[when]] wherein the using step 

2 further comprises the steps of: 

3 consulting policy information to determine which of a plurality of remote security domains 

4 should be selected as the at least one remote security domain; to receive information from the 

5 local authentication service; and 
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6 passing the information from the local authentication service to each of the determined 

7 remote security domains. 



1 Claim 3 (currently amended): The method according to Claim 1, wherein the using step enables 

2 each of the remote content services in the selected remote security domains to be accessed by the 

3 entity without requiring the entity to provide its security credentials for those remote content 

4 services. 

1 Claim 4 (currently amended): The method according to Claim 3, wherein a credential mapping 

2 operation is performed to map the provided security credentials to the entity's security credentials 

3 for each remote content service. 

1 Claim 5 (original): The method according to Claim 1, wherein the entity is an end user. 

1 Claim 6 (original): The method according to Claim 1 , wherein the initial point of contact is a 

2 portal interface. 

1 Claim 7 (original): The method according to Claim 1, wherein the passing step is performed by a 

2 proxy of the initial point of contact. 

1 Claim 8 (original): The method according to Claim 7, wherein the proxy of the initial point of 

2 contact performs a protocol conversion, when passing the provided credentials, from a first 
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3 protocol used in the providing step to a second protocol used by the trust proxy. 

1 Claim 9 (original): The method according to Claim 8, wherein the first protocol is Hypertext 

2 Transfer Protocol ("HTTP") or a security-enhanced version thereof. 

1 Claim 10 (original): The method according to Claim 8, wherein the second protocol is Simple 

2 Object Access Protocol ("SOAP"). 

Claim 1 1 (canceled) 

1 Claim 12 (original): The method according to Claim 1, wherein the using step further comprises 

2 the steps of: 

3 forwarding a security token from the local authentication service to a remote trust proxy 

4 in each of the selected remote security domains; and 

5 using the forwarded security token, at each of the remote trust proxies, to authenticate the 

6 entity with an authentication service in the remote security domain. 

1 Claim 13 (original): The method according to Claim 12, wherein results of the authentication by 

2 the authentication service in the local security domain and results of each authentication by the 

3 authentication services in each selected remote security domain are returned to the initial point of 

4 contact. 
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1 Claim 14 (currently amended): The method according to Claim 13, further comprising the step of 

2 determining, by the initial point of contact, which of the content and the other content services 

3 and/or views thereof can be provided to the entity aggregated by the initial point of contact based 

4 on the returned results. 

1 Claim 15 (original): The method according to Claim 1, wherein the entity has security credentials, 

2 in at least one of the selected remote security domains, that differ from the provided security 

3 credentials, and wherein the using step transparently maps the provided security credentials to the 

4 different security credentials. 

1 Claim 16 (currently amended): A system for enabling an entity to have seamless access to a 

2 plurality of aggregated services which have different identity requirements, comprising: 

3 means for initially authenticating the entity, by a first authentication component, for access 

4 to a first service using an identity provided by the entity; 

5 means for mapping the provided identification to the differing identity requirements of at 

6 least one other service to be aggregated with the first service , thereby establishing mapped 

7 identity requirements for each of the at least one other services; 

8 means for subsequently authenticating the entity for access to each of the at least one 

9 other services , by an authentication component associated with each of the at least one services 

10 that other service , using the mapped identity requirements; and 

1 1 means for aggregating each of the at least one other services and the first service a service 

12 associated with the initial authentication component , if the authentications thereof are successful, 
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into an aggregated result. 



1 Claim 17 (original): The system according to Claim 16, wherein the aggregated result is an 

2 aggregated view. 

1 Claim 18 (original): The system according to Claim 16, wherein the entity is a programmatic 

2 entity. 

1 Claim 19 (currently amended): A computer program product for providing federated identity 

2 management within a distributed content aggregation framework, the computer program product 

3 embodied on one or more computer-readable media and comprising: 

4 computer-readable program code [[means]] for providing, to the content aggregation 

5 framework by a using entity, initial identity information that identifies the using entity for 

6 accessing a first content source that is operable within a first security domain ; 

7 computer-readable program code [[means]] for authenticating the initial identity 

8 information by a first authentication service in [[a]] the first security domain; 

9 computer-readable program code [[means]] for conveying results of the authentication by 

10 the first authentication service to at least one or more selected other authenticatio n services 

1 1 service, each of which is associated wit h one or more other a remote securit y domains domain 

12 that is distinct from the first security domain ; [[and]] 

13 computer-readable program code [[means]] for using the conveyed results to authenticate 

14 the using entity to each of the selected other authentication services for accessing a remote 
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15 content source operable within the remote security domain that is associated with that selected 

16 other authentication service , without requiring the using entity to provide additional identity 

17 informatio n; and 

18 aggregating content from the first content source and other content from each of the 

19 remote content sources for presentation in an aggregated view rendered by the content 

20 aggregation framework . 

1 Claim 20 (original): The computer program product according to Claim 19, wherein the initial 

2 identity information is a name and password associated with the using entity. 

1 Claim 21 (new): The method according to Claim 1, further comprising the step of rendering, by 

2 the initial point of contact, the aggregated view. 
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